Security News

Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra, who previously deployed wiper malware on the networks of multiple Syrian organizations. "The attacks on Iran were found to be tactically and technically similar to previous activity against multiple private companies in Syria which was carried at least since 2019," Check Point Research analysts who made the connection said.

While it is paramount that the IT department and the security teams are strong partners in protecting the company, the best practice is to have a separation of duties to ensure the group delivering the IT services is not also responsible for monitoring and managing the security risk. Examining the security posture of every system to understand what is being used and where the risks reside, and having a mitigation plan to protect employee, company and customer data is critical.

While IT security decision makers often consider cyberattacks a serious concern and are allocating a significant share of their IT budget to address their cybersecurity challenges, data breaches have still been uncomfortably commonplace, an INTRUSION survey reveals. Data breaches are too commonplace despite allocating significant portions of their IT budget to cybersecurity.

Spectral announced the release of DeepConfig, a detection technology that can identify misconfigurations at all layers of software to prevent exploits of security gaps and data breaches. Spectral's DeepConfig is the first solution that can detect misconfigurations at all layers of software, including the infrastructure layer and the data layer, which is composed of products like Elastic, MySQL, Redis, Memcache, and more.

Seventy percent estimate their high-value assets have been compromised in the past 12 months, and fifty percent believe there will be a cyber 9/11 in the next 10 years. The study - underwritten by INTEGRITY Global Security - found that 93 percent of leaders believe it is possible to build zero vulnerability platforms.

Cado Security announced the addition of memory acquisition, processing and analysis capabilities to its Cado Response platform. With Memory Forensics, security teams gain enhanced visibility and context to identify the root cause of incidents and respond to data breaches faster.

Today, most companies rely on manual processes and good intentions to ensure proper SaaS security management, but that is not enough. The AppOmni SaaS Security Management platform, which offers a full suite of SaaS security posture, protection, and monitoring capabilities, covers the most widely adopted and business-critical SaaS applications on the market including Salesforce, ServiceNow, Microsoft 365, Microsoft Teams, GitHub, Workday, Box, Slack, and Zoom.

Firms looking to save money by shifting to more flexible ways of working will need to think carefully about IT security and the additional cost of breaches linked to staff working from home. That's according to the latest annual "Cost of a Data Breach Report" conducted by Ponemon Institute along with IBM Security, which found that the average total cost of a remote-working data breach was more than $1m higher than cyberattacks where remote working wasn't a factor.

Sontiq released the Mid-Year 2021 Cybercrime Report, which highlights five key trends and the 2021 data breaches that pose the highest level of risk to victims. The report's insights were derived from data generated by Sontiq's call center, Identity Restoration Team, and through BreachIQ data breach analysis.

The British government wants to make Amazon, Google, and other digital service providers report cybersecurity breaches to the Information Commissioner, according to newly published plans. Due to Brexit, the government can amend the UK's Network and Information Security Regulations to let the Information Commissioner's Office, the local data watchdog, dictate what kind of cybersecurity breaches must be reported to it.